A man proved Meta's AI platform is not so secure and got paid $10,000
Meta has recently resolved a critical security flaw that exposed private prompts and AI-generated responses from its Meta AI chatbot to other users, a report by TechCrunch reads. The issue was discovered by Sandeep Hodkasia, founder of security testing firm AppSecure, who reported the vulnerability back in December 2024. For his disclosure, Meta awarded him $10,000 through its bug bounty program (if you happen to find anything, don't hesitate to report on it). The company confirmed that the bug is now patched, and stated that there was no evidence of malicious exploitation. However, that should ring a bell for everyone who uses AI without a second thought. I won't be the one who tells you to avoid AI like the plague, but one should definitely act cautiously. A line of code could cost you dearly.
Image by Meta Hodkasia uncovered the flaw while examining how Meta AI lets logged-in users edit prompts to regenerate responses. He noticed that each edited prompt was assigned a unique identifier by Meta's back-end systems. By intercepting network traffic during this process, he realized that altering the identifier allowed access to other users' prompts and responses. The problem stemmed from Meta's failure to validate whether a user was authorized to view a given prompt. According to Hodkasia, the identifiers were predictable, which could have enabled attackers to automate the process and collect sensitive user inputs at scale.The discovery comes amid broader criticism of Meta AI's privacy practices. Since the launch of its stand-alone app earlier this year, users have inadvertently exposed private conversations by misunderstanding sharing options. The app includes a feature allowing users to share interactions publicly, but many appear unaware that they are posting personal queries, images, and even audio clips for public viewing. Some of these slip-ups have revealed highly sensitive details, from questions about financial crimes and legal troubles to personal data like home addresses. Yikes! Despite the company's heavy investment in AI, the Meta AI app has seen limited adoption, with about 6.5 million downloads since its April 29 release, according to app analytics firm Appfigures.
Well, nothing is perfect, but a couple more bugs like that and Meta will have to find a new name for the platform. Like Google did with Bard, that is now called Gemini. Secure your connection now at a bargain price!
We may earn a commission if you make a purchase Check Out The Offer
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Phone Arena
14 minutes ago
- Phone Arena
Motorola is reportedly bringing the Moto 360 Watch back this year with this familiar design
What feels like a throwback to the early days of Android smartwatches is now shaping up to what might be one of Motorola's most surprising moves of the year. The company is reportedly preparing to relaunch the Moto 360 in 2025, and newly leaked images offer an early look at the refreshed design. Originally launched in 2014, the Moto 360 was the first circular smartwatch to run Android Wear, though it had a distinctive "flat tire" cutout at the bottom of the screen. Motorola followed up with a second generation in 2015 before shelving the series in 2017. A third model appeared in 2021, but it was developed by eBuyNow, a Canadian company that licensed the Moto brand. That model ran Wear OS and offered updated internals in a familiar shell, as we previously reported. Now, the Moto 360 name is back again, and this time it looks like Motorola is handling the relaunch in-house. The 2025 version keeps the round display but adopts a more refined frame with a rotating crown at the 2 o'clock position and a secondary button at 4 o'clock. It's a setup that closely resembles the OnePlus Watch 3. Leaked renders of the 2025 version of the rumored Moto 360 watch. | Images credit — Android Headlines Interestingly, it also appears that Motorola is moving ahead with five color variants for this new model. The case appears to have a brushed metal finish and flatter lugs than the older eBuyNow version. That said, many questions remain—particularly around software. As with the Moto Watch Fit earlier this year, the new Moto 360 may not use Google's Wear OS at all. Instead, Motorola could be relying on its in-house Moto Watch OS, a real-time operating system (RTOS) designed for better efficiency and longer battery life. The company has used this approach before and could be considering a dual-OS setup, pairing Moto Watch OS with a light version of Wear OS for specific features. That said, the UI shown in the leaked images bears a close resemblance to Wear OS, which raises the possibility that Motorola may still be aiming for some level of compatibility with Google's ecosystem. While no launch date has been confirmed, the name suggests it could arrive later this year. If Motorola does bring the Moto 360 back with meaningful upgrades and thoughtful software integration, it may find a niche among users nostalgic for classic smartwatch designs. We will, of course, be keeping a close eye on how this model develops and whether it signals a broader return to form for Motorola's wearable lineup. I have noticed there seems to be quite a bit of interest in classic-looking watches, such as the Samsung Galaxy Watch 8 Classic, signaling this could be a good move on Motorola's part to provide some competition in this space.
Phone Arena
44 minutes ago
- Phone Arena
Google Pixel 10 leak hints at a bolder color shift and a missing favorite
We're still a few weeks out from the Pixel 10's expected debut, but a new leak has revealed what could be the phone's full set of color options. As per this report, the base model may launch in four colors: Obsidian, Indigo, Frost, and Limoncello. Obsidian is Google's long-running black finish and isn't going anywhere. The other three colors are more new and unique. Limoncello is a greenish yellow that's been rumored for months. Indigo looks like a darker version of Bay blue from the Pixel 7 series, while Frost appears to be a light blue with a subtle purple tone. So far, this leak only applies to the regular Pixel 10 . There's no word yet on what colors the Pixel 10 Pro or other variants might come in. Earlier reports we published at PhoneArena mentioned that the Pixel 10 Pro could launch in exclusive shades like Mojito and Licorice, which have yet to be confirmed. These reports also indicate that Google may use slightly different materials for each model, which could affect how the colors appear in person. Leaked (rumored) Google Pixel 10 base model colors. | Images credit — Android Headlines One surprise in this latest leak is the possible absence of Porcelain, Google's typical white or off-white color. It has been a mainstay of the Pixel series for years, and its omission this time may suggest a shift toward more colorful and expressive finishes. Another important point we've covered is how certain Pixel 10 colorways could be tied to specific storage options. Based on what we've seen, the base Pixel 10 might only come with 128GB of storage, while the Pixel 10 Pro is expected to offer up to 256GB or more. However, not all colors may be available in all configurations. For instance, Limoncello might be limited to one storage tier, which could influence how customers choose their model. With the launch expected in just a month from now on August 20, we can expect more leaks in the coming weeks. However, this early look at the color palette gives us another piece of the puzzle as we prepare for the Pixel 10 's official reveal which we will be covering in full right here.
GSM Arena
3 hours ago
- GSM Arena
Google Pixel 10 leaked renders show all colors
Google is launching the Pixel 10 family at its upcoming event taking place on August 20, and ahead of that, today the vanilla Pixel 10 has been portrayed in some official-looking leaked renders. These show all four colors that the phone will allegedly be offered in: Obsidian, Indigo, Frost, and Limoncello. Interestingly, Porcelain (Google's name for white) is gone from the Pixel 10, if these are in fact all the colors as the source of the renders implies. Google Pixel 10 leaked renders Obsidian has long been the name used by Google to refer to a dark gray or black hue, Indigo is a royal blue, Frost is a very very slight blue tinge on a silver-ish base, and Limoncello is, unsurprisingly given the inspiration for its name, a yellow-green tone. The main upgrade in the Pixel 10 compared to its predecessor from last year is the addition of a third camera, a telephoto. That said, past rumors have claimed that this will come at the expense of the other two cameras being downgraded somewhat, presumably in order to keep the pricing unchanged - or make the Pro models more attractive to buyers. The Pixel 10's main camera will be 48 MP, the ultrawide 12 MP, and the telephoto 10.8 MP. The main sensor is reportedly identical to that of the mid-range Pixel 9a, while the telephoto is the same one used in the Pixel 9 Pro Fold. Like the other members of the family, the Pixel 10 will be powered by the Tensor G5 SoC. Pre-orders are expected to start on August 20, with the release date being August 28. Source
